communication section for generating a unique global address 
by the system component node itself upon connection to the 
network, and for transmitting the generated global address, 
attribute information "of the system component node and 
installation position information of the system component node, 
to the network; and 

a management node for monitoring and operating the system 
component nodes through the network and managing control of 
the whole control system, wherein 

the management node includes: 

a communication section for performing communication 
through the network; 

a storage section for storing definition information of 
the system component nodes; 

a display section for displaying an operation and monitor 
screen; 

a definition information generation section for 
generating the definition information based on the global 
address, the attribute information and the position 
information which are acquired through the network, and for 
storing the definition information in the storage section; 

a screen generation section for making the display 
section display the operation and monitor screen of the system 
component nodes from the definition information in the storage 
section; and 
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(6) The control system as described in (1) , wherein each 
ojLthe communication sections of the system component node and 
t he communi cati on section of the management node have nas__an 
address generation "section for generating a unique global 
address . 

[0027] 

(7) The control system as described in (1) , wherein each 
of the communication sections of the system component node and 
th^coinmunicati Gn section of the management node performs 
packet communication . 

[0028] 

(8) The control system as described in (7) , wherein the 
communication section has an authentication section for adding 
authentication data to a header of a packet, and determining 
validity of the received packet according to the authentication 
data added to the packet. 

[0029] 

(9) The control system as described in (7) , wherein the 
communication section has a cryptograph processing section for 
encrypting a packet. 

[0030] 

(10) The control system as described in (7) , wherein the 
communication section of the system component node multicasts 
a packet including the generated global address as a source 
address to all of the management node and the system component 
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the position where the system component node 40 is installed 
in the plant . The attribute information determination section 
52a 52b determines the . attribute information of the system 
component node 4 0 for validity. 
[0062] 

The control function providing section 53 reads the 
control functions from the control function definition DB 51d 
and outputs the control functions to the communication section 
Tr. The screen generation section 54 reads the definition 
information of the operation and monitor screen from the 
operation and monitor screen definition DB 51e and causes the 
display section 55 to display the operation and monitor screen. 
[0063] 

The operation of such an apparatus is as follows: 
First, before the plant is controlled, system design for 
controlling the plant is conducted. 

As with the apparatus shown in FIG. 1, the plant designer, 
developer, etc., designs the numbers, the specifications, the 
installation locations, etc., of the controllers C ( 1 ) toC(3), 
the sensors SN (1) to SN(4), and the actuators AC ( 1 ) to AC (4). 
Position information for installing the controllers C(l) to 
C(3), etc., is defined in the system configuration definition 
DB 51a. The network addresses of the controllers C (1) to C (3) , 
the sensors SN(1) to SN(4), and the actuators AC(1) to AC (4) 
need not be defined in the network definition DB 51b. 



node 4 0 is added to the network definition DB 51b (SQ8) . 
[0074] 

Further, the control function providing section 53 reads 
the tag from the tag definition DB 44re--5.1c and reads the control 
functions from the control function definition DB 51d and 
outputs them to the communication section Tr. Further, the 
communication section Tr creates a packet including the tag 
and the control functions as data, adds authentication data 
to the header, and encrypts the data. Then, it transmits the 
packet to the system component node 4 0 and downloads (SQ9) . 
[0075] 

The system component node 40 of the destination converts 
the packet received from the management node 50 into plaintext, 
determines the authentication data for validity, and outputs 
the control functions included in the packet to the control 
function acquisition section 43. The control function 
acquisition section 43 converts into data in an executable 
format and stores the data in the control function holding 
section 44 (SQ10) . The initial installation at the system 
constructing time is now complete. 
[0076] 

The system component node whose installation is complete 
multicasts a packet including an identifier indicating the 
normal operation as data to the management node 50 and the 
relevant system component nodes 40 at regular time intervals. 
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control result to the communication section Tr. The 
communication section Tr of the 3 c noor - actuator AC generates 
a packet including the result as data, adds authentication data 
to the header, encrypts the packet, and transmits the packet 
to the controller C(l) to C(3) issuing the command. 
[0080] 

The communication sections Tr of the distributed 
controllers C(l) to C(3) receive the packets from the 
communication sections Tr of the various sensors SN ( 1 ) to SN ( 4 ) . 
Using the received packet data, predetermined control 
operations, etc., are performed and the actuators AC(1) to 
AC (4) are operated for controlling the plant. Each of the 
controllers C(l) to C(3) monitors the upper and lower limit 
values for input data, output data, etc., and if the upper and 
lower limit value range is exceeded, each of the controllers 
C(l) to C(3) converts an alarm signal, etc., indicating the 
event into a packet and transmits the packet through the network 
100 to the management node 50. Further, the various control 
functions handled by the controllers C(l) to C(3) are sent 
through the network 100 to the management node 50, which then 
displays the control functions, the monitor result, etc., of 
the plant on the display section 55. The operator monitors 
the display section 55 and again sets the control functions 
for running and operating the plant in the management node 50 
as required and causes the management node 50 to transmit the 
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For example, if the authentication result of the 
authentication sensor SN(5) is correct, the controller C(4) 
opens the electric lock of the door not shown. If the human 
body sensor SN ( 6) senses a human being, the controller C(5) 
turns on the lighting AC (6) andAC(7) . Further, the controller 
C(6) operates the air conditioner AC (8) depending on the 
temperature from the temperature sensor SN(7). The 
input/output signals to/from the controllers C(4) to C(6) are 
transmitted to the management node 50 through the network 100. 
The data relevant to the items defined in the daily and monthly 
report definition DB ^-51 f and the alarm definition D3_51g | 
is also transmitted to the management node 50 through the 
network 100. The controllers C(4) to C(6) open/close the 
electric lock AC (5) and turn on/of f the lighting AC ( 6) and AC (7) 
15 and the air conditioner AC (8) according to the schedules in 
the schedule definition DB. A screen generation section 54 
may display an operation and monitor screen, the daily and 
monthly results, occurring alarms, the current schedule 
progress situation, etc., on a display section 55 by 
20 transmitting and receiving an operation and monitor screen 

definition DB £^§ -51e and the input/output signals to/ from the j 
controllers C(4) to C(6). 
[0106] 

Thus, the control system of the invention is applied to 
25 the BA, whereby change of the system component node 40 in each 
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data, so that the validity of the packet can be easily 
determined at the packet level and the system reliability 
improves. Further, since the cryptograph processing section 
Tr3 encrypts a packet for transmission, leak, tampering, etc., 
5 of the data in the packet can be prevented. 
[0110] 

For example, to conduct communications through the 
Internet, for example, sufficient global addresses would be 
unable to be assigned with IPv4 (Internet Protocol version 4) ; 
10 this is a problem. Unauthorized access from the Internet also 
needs to be restricted. Thus, private addresses are assigned 
to the system .component nodes 40 for each plant or for each 
building. A gateway and a network address translation unit 
(NAT: Network Address Translation) are provided between the 
15 Internet and the . system component nodes 4 0 for enhancing 
security. Thus, it becomes difficult to externally operate 
and monitor the system component nodes 40. However, the 
communication section Tr generates the global address and 
conducts secure communications in accordance with the IPv6 
20 specifications, so that the gateway and the NAT are not required. 
Accordingly, the system configuration can be simplified and 
the cost can be suppressed. 
[0111] 

Since communications are conducted using the Internet, 
25 the management node 50 and the system component nodes -&0~4O 
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section Tr2 and the cryptograph processing section Tr3 may be 
uninstalled if the reliability and security of „ the system 
component nodes 40 connected to the network 100 are secured. 
[0116] 

In the apparatus shown in FIGS. 2, 6, and 7 , the attribute 
information determination section 52b for determining the 
system component nodes 4 0 for validity is provided, but if aft 



of the system component nodes 40 a^e-is secured, the attribute 
information determination section 52b may be uninstalled. 



In the apparatus shown in FIGS. 2, 6, and 7, the position 
detection section 41 performs position determination by GPS 
using radio waves from an artificial satellite and detects the 
position, but a plurality of radio wave base stations for 
emitting radio waves may be installed in a plant or a building 
and the system component node 40 may receive the radio waves 
emitted from the radio wave base stations and may detect the 
position of the home node based on the received radio wave 
strength. Particularly, the mode is effective in a place that 
the radio waves from the satellite do not reach or are hard 
to reach (for example, underground or valley between tall 
buildings) . The position may be detected using ultrasonic 
waves rather than radio waves. 




•ke-e«£-the reliability of the installation 



[0117] 



[0118] 



transmitting and receiving the input/output signals to/from 
the sensors SN(1) to SN(7) and the actuators AC(1) to AC (8) 
and reflect the control functions on the control function 
definition DB 51d of the management node 50, so that the need 
for the operator to find the optimum control function from the 
operation and monitor screen of the display section 55 and store 
the optimum control function in the control function defi nition 
DB 51d is eliminated. Accordingly, the number of steps taken 
after the system configuration is changed can be reduced. 



49 



